From b1c10bc8b225beec0752f1b96acfa38a5f95cc92 Mon Sep 17 00:00:00 2001
From: Kai Wohlfahrt <kai.wohlfahrt@gmail.com>
Date: Wed, 27 Nov 2019 21:01:34 +0000
Subject: nfs: set up request-key for id mapping

A patch is necessary upstream to support multiple configs via symlinks
in /etc/request-key.d

Once that is done, we can add support for CIFS as well
---
 nixos/modules/tasks/filesystems/nfs.nix | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'nixos/modules/tasks')

diff --git a/nixos/modules/tasks/filesystems/nfs.nix b/nixos/modules/tasks/filesystems/nfs.nix
index e0e8bb1f03de..ddcc0ed8f5a4 100644
--- a/nixos/modules/tasks/filesystems/nfs.nix
+++ b/nixos/modules/tasks/filesystems/nfs.nix
@@ -25,6 +25,9 @@ let
   '';
 
   nfsConfFile = pkgs.writeText "nfs.conf" cfg.extraConfig;
+  requestKeyConfFile = pkgs.writeText "request-key.conf" ''
+    create id_resolver * * ${pkgs.nfs-utils}/bin/nfsidmap -t 600 %k %d
+  '';
 
   cfg = config.services.nfs;
 
@@ -57,9 +60,12 @@ in
 
     systemd.packages = [ pkgs.nfs-utils ];
 
+    environment.systemPackages = [ pkgs.keyutils ];
+
     environment.etc = {
       "idmapd.conf".source = idmapdConfFile;
       "nfs.conf".source = nfsConfFile;
+      "request-key.conf".source = requestKeyConfFile;
     };
 
     systemd.services.nfs-blkmap =
-- 
cgit v1.2.3